ZDNet reported that researchers at Sonatype discovered a malicious JavaScript library recently published on the node package manager (npmjs.com) website that steals sensitive files and credentials from various web browsers and the Discord client. The package discord.dll will steal the LevelDB databases that the browsers used to store the history as well as access tokens used for various sites. Sonatype notes that this is an improvement upon the fallguys library that was seen in August. At the time of this writing, the package has been listed as malicious by Npm and replaced by a security holder.
12 Essentials for a Successful SOC Partnership
As cyber threats continue to impact businesses of all sizes, the need for round-the-clock security